BRUSSELS — European banks and other finance firms should decrease their reliance on American tech companies for digital services, a top national supervisor has said. In an interview with POLITICO, Steven Maijoor, the Dutch central bank’s chair of supervision, said the “small number of suppliers” providing digital services to many European finance companies can pose a “concentration risk.” “If one of those suppliers is not able to supply, you can have major operational problems,” Maijoor said. The intervention comes as Europe’s politicians and industries grapple with the continent’s near-total dependence on U.S. technology for digital services ranging from cloud computing to software. The dominance of American companies has come into sharp focus following a decline in transatlantic relations under U.S. President Donald Trump. While the market for European tech services isn’t nearly as developed as in the U.S. — making it difficult for banks to switch — the continent “should start to try to develop this European environment” for financial stability and the sake of its economic success, Maijoor said. European banks being locked in to contracts with U.S. providers “will ultimately also affect their competitiveness,” Maijoor said. Dutch supervisors recently authored a report on the systemic risks posed by tech dependence in finance. Dutch lender Amsterdam Trade Bank collapsed in 2023 after its parent company was placed on the U.S. sanctions list and its American IT provider withdrew online data storage services, in one of the sharpest examples of the impact on companies that see their tech withdrawn. Similarly a 2024 outage of American cybersecurity company CrowdStrike highlighted the European finance sector’s vulnerabilities to operational risks from tech providers, the EU’s banking watchdog said in a post-mortem on the outage. In his intervention, Maijoor pointed to an EU law governing the operational reliability of banks — the Digital Operational Resilience Act (DORA) — as one factor that may be worsening the problem. Those rules govern finance firms’ outsourcing of IT functions such as cloud provision, and designate a list of “critical” tech service providers subject to extra oversight, including Amazon Web Services, Google Cloud, Microsoft and Oracle. DORA, and other EU financial regulation, may be “inadvertently nudging financial institutions towards the largest digital service suppliers,” which wouldn’t be European, Maijoor said. “If you simply look at quality, reliability, security … there’s a very big chance that you will end up with the largest digital service suppliers from outside Europe,” he said. The bloc could reassess the regulatory approach to beat the risks, Maijoor said. “DORA currently is an oversight approach, which is not as strong in terms of requirements and enforcement options as regular supervision,” he said. The Dutch supervisors are pushing for changes, writing that they are examining whether financial regulation and supervision in the EU creates barriers to choosing European IT providers, and that identified issues “may prompt policy initiatives in the European context.” They are asking EU governments and supervisors “to evaluate whether DORA sufficiently enhances resilience to geopolitical risks and, if not, to consider issuing further guidance,” adding they “see opportunities to strengthen DORA as needed,” including through more enforcement and more explicit requirements around managing geopolitical risks. Europe could also set up a cloud watchdog across industries to mitigate the risks of dependence on U.S. tech service providers, which are “also very important for other parts of the economy like energy and telecoms,” Maijoor said. “Wouldn’t there be a case for supervision more generally of these hyperscalers, cloud service providers, as they are so important for major parts of the economy?” The European Commission declined to respond.

Europe’s security does not depend solely on our physical borders and their defense. It rests on something far less visible, and far more sensitive: the digital networks that keep our societies, economies and democracies functioning every second of the day. > Without resilient networks, the daily workings of Europe would grind to a > halt, and so too would any attempt to build meaningful defense readiness. A recent study by Copenhagen Economics confirms that telecom operators have become the first line of defense in Europe’s security architecture. Their networks power essential services ranging from emergency communications and cross-border healthcare to energy systems, financial markets, transport and, increasingly, Europe’s defense capabilities. Without resilient networks, the daily workings of Europe would grind to a halt, and so too would any attempt to build meaningful defense readiness. This reality forces us to confront an uncomfortable truth: Europe cannot build credible defense capabilities on top of an economically strained, structurally fragmented telecom sector. Yet this is precisely the risk today. A threat landscape outpacing Europe’s defenses The challenges facing Europe are evolving faster than our political and regulatory systems can respond. In 2023 alone, ENISA recorded 188 major incidents, causing 1.7 billion lost user-hours, the equivalent of taking entire cities offline. While operators have strengthened their systems and outage times fell by more than half in 2024 compared with the previous year, despite a growing number of incidents, the direction of travel remains clear: cyberattacks are more sophisticated, supply chains more vulnerable and climate-related physical disruptions more frequent. Hybrid threats increasingly target civilian digital infrastructure as a way to weaken states. Telecom networks, once considered as technical utilities, have become a strategic asset essential to Europe’s stability. > Europe cannot deploy cross-border defense capabilities without resilient, > pan-European digital infrastructure. Nor can it guarantee NATO > interoperability with 27 national markets, divergent rules and dozens of > sub-scale operators unable to invest at continental scale. Our allies recognize this. NATO recently encouraged members to spend up to 1.5 percent of their GDP on protecting critical infrastructure. Secretary General Mark Rutte also urged investment in cyber defense, AI, and cloud technologies, highlighting the military benefits of cloud scalability and edge computing – all of which rely on high-quality, resilient networks. This is a clear political signal that telecom security is not merely an operational matter but a geopolitical priority. The link between telecoms and defense is deeper than many realize. As also explained in the recent Arel report, Much More than a Network, modern defense capabilities rely largely on civilian telecom networks. Strong fiber backbones, advanced 5G and future 6G systems, resilient cloud and edge computing, satellite connectivity, and data centers form the nervous system of military logistics, intelligence and surveillance. Europe cannot deploy cross-border defense capabilities without resilient, pan-European digital infrastructure. Nor can it guarantee NATO interoperability with 27 national markets, divergent rules and dozens of sub-scale operators unable to invest at continental scale. Fragmentation has become one of Europe’s greatest strategic vulnerabilities. The reform Europe needs: An investment boost for digital networks At the same time, Europe expects networks to become more resilient, more redundant, less dependent on foreign technology and more capable of supporting defense-grade applications. Security and resilience are not side tasks for telecom operators, they are baked into everything they do. From procurement and infrastructure design to daily operations, operators treat these efforts as core principles shaping how networks are built, run and protected. Therefore, as the Copenhagen Economics study shows, the level of protection Europe now requires will demand substantial additional capital. > It is unrealistic to expect world-class, defense-ready infrastructure to > emerge from a model that has become structurally unsustainable. This is the right ambition, but the economic model underpinning the sector does not match these expectations. Due to fragmentation and over-regulation, Europe’s telecom market invests less per capita than global peers, generates roughly half the return on capital of operators in the United States and faces rising costs linked to expanding security obligations. It is unrealistic to expect world-class, defense-ready infrastructure to emerge from a model that has become structurally unsustainable. A shift in policy priorities is therefore essential. Europe must place investment in security and resilience at the center of its political agenda. Policy must allow this reality to be reflected in merger assessments, reduce overlapping security rules and provide public support where the public interest exceeds commercial considerations. This is not state aid; it is strategic social responsibility. Completing the single market for telecommunications is central to this agenda. A fragmented market cannot produce the secure, interoperable, large-scale solutions required for modern defense. The Digital Networks Act must simplify and harmonize rules across the EU, supported by a streamlined governance that distinguishes between domestic matters and cross-border strategic issues. Spectrum policy must also move beyond national silos, allowing Europe to avoid conflicts with NATO over key bands and enabling coherent next-generation deployments. Telecom policy nowadays is also defense policy. When we measure investment gaps in digital network deployment, we still tend to measure simple access to 5G and fiber. However, we should start considering that — if security, resilience and defense-readiness are to be taken into account — the investment gap is much higher that the €200 billion already estimated by the European Commission. Europe’s strategic choice The momentum for stronger European defense is real — but momentum fades if it is not seized. If Europe fails to modernize and secure its telecom infrastructure now, it risks entering the next decade with a weakened industrial base, chronic underinvestment, dependence on non-EU technologies and networks unable to support advanced defense applications. In that scenario, Europe’s democratic resilience would erode in parallel with its economic competitiveness, leaving the continent more exposed to geopolitical pressure and technological dependency. > If Europe fails to modernize and secure its telecom infrastructure now, it > risks entering the next decade with a weakened industrial base, chronic > underinvestment, dependence on non-EU technologies and networks unable to > support advanced defense applications. Europe still has time to change course and put telecoms at the center of its agenda — not as a technical afterthought, but as a core pillar of its defense strategy. The time for incremental steps has passed. Europe must choose to build the network foundations of its security now or accept that its strategic ambitions will remain permanently out of reach. -------------------------------------------------------------------------------- Disclaimer POLITICAL ADVERTISEMENT * The sponsor is Connect Europe AISBL * The ultimate controlling entity is Connect Europe AISBL * The political advertisement is linked to advocacy on EU digital, telecom and industrial policy, including initiatives such as the Digital Networks Act, Digital Omnibus, and connectivity, cybersecurity, and defence frameworks aimed at strengthening Europe’s digital competitiveness. More information here.

The German government is set to get new powers to bar risky Chinese technology suppliers from its critical infrastructure. Lawmakers in the federal Bundestag parliament on Thursday approved legislation that would give new tools to the Interior Ministry to ban the use of components from specific manufacturers in critical sectors over cybersecurity risks. The measures resemble what European countries have done in the telecom sector, but the new German bill applies to a much wider range of sectors, including energy, transport and health care. The law comes as German Chancellor Friedrich Merz on Thursday signaled a tougher stance against Chinese tech giant Huawei, telling a business conference in Berlin that he “won’t allow any components from China in the 6G network.” Merz is set to discuss the issue at a major digital sovereignty summit co-hosted by Germany and France next week. The fresh scrutiny for supply chain security in the EU’s largest economy — a manufacturing powerhouse with a complex relationship with China — comes at a time when the European Union is considering how best to tackle cyber risks in supply chains dominated by Chinese firms. Governments are looking beyond the telecom sector, pushing for action in areas such as solar power and connected cars. European cybersecurity officials are finalizing an ICT Supply Chain Toolbox to help governments mitigate the risks, and the European Commission is preparing an overhaul of its Cybersecurity Act to address the issue, expected in January. The German legislation implements the EU’s NIS2 Directive, a critical infrastructure cybersecurity law. The Bundesrat, Germany’s upper legislative chamber, still has to sign off on the bill, which is expected next Friday. The key question is whether Germany is willing to use its powers, said Noah Barkin, a senior advisor at Rhodium Group, a think tank. On telecoms, “this helps lay the groundwork for pushing Huawei out of the 5G network, but it doesn’t guarantee that the political will will be there to take that decision,” he said.  The Interior Ministry could already block telecom operators from using particular components under an existing German IT security law. The law’s 2021 revision was widely seen as an attempt to get Chinese firms like Huawei and ZTE out of telecom network due to fears of cybersecurity and security risks. The Interior Ministry intervened in 2024, but it has never formally blocked the use of specific components under that law. For its new cyber law, the government originally proposed to extend the measures applying to the telecom industry to the electricity sector as well. But parliament’s version now applies to all critical sectors, which under the EU’s NIS2 law includes areas such as transport, health care and digital infrastructure.  German center-left lawmaker Johannes Schätzl, the digital policy spokesperson for the SPD, said this is a “logical step, because cyber and hybrid threats do not stop at sectoral boundaries.” The Interior Ministry will be required to consult with other arms of government when considering bans or blocks of certain suppliers, the bill said. In the past, some ministries like the digital and economy departments have been more reluctant to banning Chinese components, in part due to fears of economic retaliation from Beijing. Industry, too, could resist the new measures. German technology trade association Bitkom on Thursday said that the new rules could be unpredictable and therefore “detrimental.”

ROME — The conservative think tank behind Donald Trump’s Project 2025 roadmap is looking for new friends across the Atlantic.  The Heritage Foundation, the intellectual engine behind the 922-page blueprint that has become the key policy manual for Trump’s second term, is partnering with a constellation of European nationalist far-right movements to export its playbook for countering progressive policies.  That included a conference in late October at the frescoed former home of late premier Silvio Berlusconi in Rome focused on Europe’s demographic crisis and the idea that falling birthrates pose a threat to Western civilization. Speakers included Roger Severino, Heritage’s vice president of domestic policy and the architect of the group’s campaign to roll back abortion access in the U.S., as well as Italy’s pro-life family minister Eugenia Roccella, the deputy speaker of the Senate, and members of Italian right-wing think tanks.  Severino and the Heritage Foundation’s president, Kevin Roberts, have also been speaking guests at summits and assemblies of far-right groups such as Patriots for Europe, which includes Marine Le Pen’s Rassemblement National and Italy’s League, under a Make Europe Great Again banner.  Meanwhile Heritage representatives have held private meetings in Washington and Brussels with lawmakers from far-right parties in Hungary, Czechia, Spain, France and Germany. Just in the past 12 months, the group held seven meetings with members of the European Parliament, compared to just one in the five years prior, according to Parliament records. And they’ve had additional meetings with MEPs that weren’t formally reported, including with three members from Italian Prime Minister Giorgia Meloni’s Brothers of Italy party. Severino told POLITICO that meetings with the European right serve to exchange ideas. But the meetings signal more than pleasantries. For European politicians, they’re a way to get access to people in Trump’s orbit. For Heritage, they’re a way to extend influence beyond Washington and achieve its ideological goals, which under Roberts have grown increasingly aligned with Trump’s MAGA approach.  Mike Gonzalez, a senior fellow at Heritage, said he meets with conservative parties to share experience in dealing with common challenges — “comparing notes, that kind of thing.” He said his interlocutors are “very interested” in policies on abortion, gender theory, defense and China, adding that parts of Project 2025 such as a section he wrote on defunding public broadcasters, are “very transferable” to Europe.  The foundation has been active in Europe for years, he points out, but demand has increased since Trump’s return to office. European right-wing leaders, Gonzalez said, “see Trump and what he is doing and say, ‘I want to get me some of that.’”  BETTER THE SECOND TIME It’s not the first time MAGA has attempted to galvanize the European right. Trump’s former strategist Steve Bannon unsuccessfully tried to unite populist nationalist parties under the Movement think tank in 2019, hamstrung by a lack of buy-in from the parties themselves.  Some observers are doubtful this renewed push will go differently. “I’m skeptical that it will amount to much,” said EJ Fagan, an associate politics professor at the University of Illinois and author of The Thinkers, a book on partisan think tanks. “The European right have their own resources that produce policies, so there’s not a lot Heritage can provide to European parties.”  That is especially an issue, Fagan noted, when it comes to finessing legislation, since Heritage doesn’t have a deep bench of “people who have a fine understanding of laws and treaties” in Europe.  But the Heritage Foundation’s European mission comes as far-right groups gain ground across Europe by tapping public frustration over issues such as immigration, climate policy and sovereignty and pushing policies that are similar to those laid out in the group’s Project 2025 agenda.  Heritage Foundation’s president, Kevin Roberts, have also been speaking guests at summits and assemblies of far-right groups such as Patriots for Europe. | Jim Lo Scalzo/EPA In Italy, two MPs have proposed legislation granting fetal personhood, which would make abortion impossible. The regional government in Lazio is preparing to approve a law that would guarantee protection of the fetus “from conception,” echoing a similar push in the US. And Rocella, Meloni’s family minister who appeared last month with Heritage’s Severino, is attempting to block a regional law banning conscientious objectors from roles in clinics providing abortions.  It’s not just reproductive rights. Meloni’s government has pulled out of a memorandum of understanding on the Belt and Road Initiative, the Chinese government’s ambitious program that aims to finance over $1 trillion in infrastructure investments. It effectively blocked Chinese telecoms giant Huawei from being a part in telecommunications development.  Lucio Malan, an MP in Meloni’s Brothers of Italy party and a panelist at two conferences organized with the Heritage Foundation, attempted to reverse a ban on homophobic and sexist advertisements — though he told POLITICO he took part in the events on the invitation of the center-right FareFuturo think tank, which co-organized the events with Heritage.   Heritage and its allies in the Trump administration have everything to gain from stronger nationalist parties in Europe, which are also pushing for delays in climate and agriculture regulations and sided with the US and Big Tech on digital regulation. Earlier this year, Heritage hosted the presentation of proposals by two far-right European think tanks, Hungary’s Mathias Corvinus Collegium (MCC) and Poland’s Ordo Iuris Institute for Legal Culture, to overhaul and hollow out the EU, undermining the commission and the European Court of Justice. And Heritage’s activity in Europe comes as the organization faces a swirl of controversy back home after Roberts sided with right-wing political commentator Tucker Carlson over criticism for interviewing a white nationalist. The incident triggered an open revolt against Roberts, who subsequently apologized. The unexpectedly swift and wide-ranging implementation of Project 2025 in the U.S. has boosted Heritage’s credentials in Europe, said Kenneth Haar of Corporate Europe Observatory, a non-profit that monitors lobbying in the EU. “Trump’s wholesale adoption of their agenda has given them unparalleled status,” he said. Now, Haar added, Heritage “is not just a think tank from the U.S., it is a representative of the MAGA coalition. It is not an exaggeration to say they are carrying out foreign policy on behalf of the president.” But the Heritage Foundation’s European mission comes as far-right groups gain ground across Europe by tapping public frustration over issues such as immigration, climate policy and sovereignty and pushing policies that are similar to those laid out in the group’s Project 2025 agenda. | Shawn Thew/EPA For Heritage, there’s good reason to focus on Europe in particular: It has become a focal point for the group’s donors and activists in the U.S., who fret about perceived Islamicization and leftist politics on the continent.  “We have an existential interest in having Europe be sovereign and free and strong,” Gonzalez told POLITICO. A RALLYING POINT Historically, Europe’s right has struggled to cooperate, with different factions representing conflicting national interests. But the machinery underpinning Trump’s reelection, and his ability to move national policy in European capitals, has shifted those dynamics, making Heritage “a factor in uniting the European right,” Haar said.  “MAGA has become a rallying point, the European right is meeting more frequently,” he added. Trump’s support for their policies also gives them more “clout” in Europe, he said, as Europe’s leaders seek favor from Trump and his allies across a range of issues, including tariffs.  Transparency activists said that they’re seeing a notable uptick in activity that suggests Heritage is gaining traction beyond symposiums and events.  Raphaël Kergueno, Senior Policy Officer at Transparency International, a NGO advocating against undue political influence, said the group’s activities — including those undeclared meetings with MEPs, which may put those members in breach of the European Parliament’s code of conduct — underscores the weakness of European rules on lobbying and advocacy.  Kenneth Haar added, Heritage “is not just a think tank from the U.S., it is a representative of the MAGA coalition. It is not an exaggeration to say they are carrying out foreign policy on behalf of the president.” | Shawn Thew/EPA “The Heritage Foundation has pushed blatantly anti-democratic projects, and is now free to court MEPs without disclosing its goals or funding,” he said. “If the EU does not clean up its act, it will allow hostile actors to import authoritarianism through the backdoor.” But Nicola Procaccini, an MEP in Meloni’s party who has held several meetings with Heritage, dismissed the idea that Heritage presents a danger to the rule of law or to European politics. He said he has not read Project 2025, and pointed to the group’s long history as an economic policy powerhouse — though that has changed in the Trump era, as the group’s new head Roberts has pivoted closer to Trump.  Nevertheless, he said, “You can share or not share their views … but Heritage is certainly an authoritative voice.”  

BRUSSELS — Lawmakers in the European Parliament’s legal affairs committee have voted to go ahead and sue the European Commission for axing a proposal to regulate patent licensing. The JURI committee on Tuesday voted in favor of referring the Commission to the Court of Justice of the European Union for breaching EU law by withdrawing a proposal to regulate standard essential patents. The patents, for 4G and 5G networks used in mobile phones and connected cars, have been at the center of a long-running battle between the companies that own them and those that use them. European lawmakers have supported efforts to resolve the fight — and some accuse the EU executive of attacking democracy by killing off the initiative. President Roberta Metsola now needs to mandate the Parliament’s legal service to draft and file a case by Nov. 14, a Parliament official said, citing rules of procedure. If she intends to depart from JURI’s conclusions, she could also bring it to the Conference of Presidents or, in an unlikely scenario, submit it to a plenary vote, they added. Fourteen MEPs voted in favor of the action, against eight who opposed it, the official said. The vote was held behind closed doors.  The motion was spearheaded by German Social Democrat René Repasi, coordinator for the Committee on Legal Affairs and standing rapporteur for disputes involving the Parliament. “With today’s vote, we send a clear message: we will not stand by when the Commission oversteps its mandate,” Repasi said in an emailed statement following the vote. “The Commission’s right to withdraw a proposal, as was conducted with the Standard-Essential Patents (SEP) proposal, cannot be used as a political instrument to short-circuit Parliament’s work or to enforce a deregulation agenda from above. This is not in line with how the democratic processes in the European Union are meant to function.” Members of the European People’s Party, the center-right party allied to Commission President Ursula von der Leyen, were instructed to vote against taking legal action. “Today’s vote reflects Parliament’s concern about the balance of powers between EU institutions, but we must be clear: This legal action will not bring back the withdrawn legislative proposal,” Adrián Vázquez Lázara, the EPP’s lead on the issue, told POLITICO.  While he acknowledged that the withdrawal of the SEP bill raised some question marks, Vázquez Lázara said that legal action was not the right solution. “What can be questioned, however, is the wording and justification used in this specific withdrawal, which raises legitimate concerns about institutional transparency and communication,” Vázquez Lázara said. “Those Members who wish to see the proposal revived should seek political and legislative avenues to achieve that goal, rather than resorting to institutional confrontation.” Patent implementers, which historically supported the regulation and range from carmakers to Big Tech companies and SMEs, cheered the move. “There is still hope for democracy and fairness in the EU legislature,” said Evelina Kurgonaite of the Fair Standards Alliance, which represents the patent users. “We thank MEP [Marion] Walsmann and other JURI members for their leadership in fighting for a fair chance at innovation for  businesses in Europe, especially SMEs.” The Commission declined to comment.

MILAN — Nothing about the sand-colored façade of the palazzo tucked behind Milan’s Duomo cathedral suggested that inside it a team of computer engineers were building a database to gather private and damaging information about Italy’s political elite — and use it to try to control them.   The platform, called Beyond, pulled together hundreds of thousands of records from state databases — including flagged financial transactions and criminal investigations — to create detailed profiles on politicians, business leaders and other prominent figures.  Police wiretaps recorded someone they identified as Samuele Calamucci, allegedly the technical mastermind of the group, boasting that the dossiers gave them the power to “screw over all of Italy.”  The operation collapsed in fall 2024, when a two-year investigation culminated in the arrests of four people, with a further 60 questioned. The alleged ringleaders have denied ever directly accessing state databases, while lower-level operatives maintain they only conducted open-source searches and believed their actions were legal. Police files indicate that key suspects claimed they were operating with the tacit approval of the Italian state.  After months of questioning and plea bargaining, 15 of the accused are set to enter their pleas at the first court hearing in October.   The disclosures were shocking, not only because of the confidentiality of the data but also the high-profile nature of the targets, which included former Prime Minister Matteo Renzi and Ignazio La Russa, co-founder of the ruling Brothers of Italy party and president of the Senate.  The scandal underscores a novel reality: that in the digital era, privacy is a relic. While dossiers and kompromat have long been tools of political warfare, hackers today, commanded by the highest bidder, can access information to exploit decision-makers’ weaknesses — from private indiscretions to financial vulnerabilities. The result is a political and business class highly exposed to external pressures, heightening fears about the resilience of democratic institutions in an era where data is both power and liability.  POLITICO obtained thousands of pages of police wiretap transcripts and arrest warrants and spoke with alleged perpetrators, their victims and officials investigating the scheme. Together, the documents and interviews reveal an intricate plot to build a database filled with confidential and compromising data — and a business plan to exploit it for both legal and illegal means.  On the surface, the group presented itself as a corporate intelligence firm, courting high-profile clients by claiming expertise in resolving complex risk management issues such as commercial fraud, corruption and infiltration by organized crime.   Banca Mediolanum, said it had paid “€3,000 to Equalize to gather more public information regarding a company that could have been the subject of a potential deal, managed by our investment bank.” | Diego Puletto/Getty Images Prosecutors accuse the gang of compiling damaging dossiers by illegally accessing phones, computers and state databases containing information ranging from tax records to criminal convictions. The data could be used to pressure and threaten victims or fed to journalists to discredit them.  The alleged perpetrators include a former star police investigator, the top manager of Milan’s trade fair complex and several cybersecurity experts prominent in Italy’s tech scene. All have denied wrongdoing.  SUPERCOP TURNED SUPERCROOK  When the gang first drew the attention of investigators in the summer of 2022, it was almost by accident.  Police were tracking a northern Italian gangster when he arranged a meeting with retired police inspector Carmine Gallo at a coffee bar in downtown Milan. Gallo, a veteran in the fight against organized crime, was a familiar face in Italy’s law enforcement circles. The meeting raised suspicions, and authorities put Gallo under surveillance — and inadvertently uncovered the gang’s wider operations.  Gallo, who died in March 2025, was a towering figure in Italian law enforcement. He helped solve high-profile cases such as the 1995 murder of Maurizio Gucci — carried out by the fashion mogul’s ex-wife Patrizia Reggiani and her clairvoyant — and the 1997 kidnapping of Milanese businesswoman Alessandra Sgarella by the ‘ndrangheta organized crime syndicate.  Yet Gallo’s career was not without controversy. Over four decades, he cultivated ties to organized crime networks and faced repeated investigations for overstepping legal boundaries. He ultimately received a two-year suspended sentence for sharing official secrets and assisting criminals.  When he retired from the force in 2018, Gallo illegally carted off investigative material such as transcripts of interviews with moles, mafia family trees and photofits, prosecutors’ documents show. His modus operandi was to tell municipal employees to “get a coffee and come back in half an hour” while he photographed documents, he boasted in wiretaps.  Still, Gallo’s work ethic remained relentless. In 2019, he co-founded Equalize — the IT company that hosted the Beyond database — with his business partner Enrico Pazzali, presenting the firm as a corporate risk intelligence company.  Gallo’s years as a police officer gave him a unique advantage: He could leverage relationships with former colleagues in law enforcement and intelligence to get them to carry out illegal searches on his behalf. Some of the information he obtained was then repackaged as reputational dossiers for clients, commanding fees of up to €15,000.  Gallo also cashed in his influence for favors, such as procuring passports for friends and acquaintances. Investigators recorded conversations in which he bragged of sourcing a passport for a convicted mafioso under investigation for kidnapping, who planned to flee to the United Arab Emirates.  The supercop-turned-supercriminal claimed that Equalize had a full overview of Italian criminal operations, extending even to countries like Australia and Vietnam.  When investigators raided the group’s headquarters, they found thousands of files and dossiers spanning decades of Italian criminal and political history. The hackers even claimed to have — as part of what they called their “infinite archive” — video evidence of the late Prime Minister Silvio Berlusconi’s so-called bunga bunga parties, which investigators called “a blackmail tool of the highest value.”   Enrico Pazzali cultivated close ties to right-wing politicians, including Attilio Fontana, president of the Lombardy region, and maintained a close association with high-level intelligence officials. | Alessandro Bremec/Getty Images Gallo’s sudden death of a heart attack six months into the investigation stirred unease among prosecutors. They noted that while an initial autopsy found no signs of trauma or injection, the absence of such evidence does not necessarily rule out interference. Investigators have ordered toxicology tests.  ‘HANDSOME UNCLE’  Gallo’s collaborator Pazzalli, a well-known businessman who headed Milan’s prestigious Fondazione Fiera Milano, the country’s largest exhibition center, was Equalize’s alleged frontman.  Pazzali, through his lawyer, declined to comment to POLITICO about the allegations.  The Fiera, a magnet for money and power, made Pazzali a heavy hitter in Milanese circles. Having built a successful career across IT, energy and other sectors, and boasting a full head of steely gray hair, he was known to some by the nickname “Zio Bello,” or handsome uncle.   Pazzali cultivated close ties to right-wing politicians, including Attilio Fontana, president of the Lombardy region, and maintained a close association with high-level intelligence officials. He would meet clients in a chauffeur-driven black Tesla X, complete with a blue flashing light on the roof — the kind typically reserved for high-ranking officials.  Since 2019, Pazzali held a 95 percent stake in Equalize. If Gallo’s role was sourcing confidential information, Pazzali’s was winning high-profile clients, the prosecutors allege. Leveraging his reputation and political connections, he helped secure business from banks, industrial conglomerates, multinationals, and international law firms, including pasta giant Barilla, the Italian subsidiary of Heineken, and energy powerhouse Eni.   Documents show that Eni paid Equalize €377,000. Roberto Albini, a spokesperson for the energy giant, told POLITICO that the firm had commissioned Equalize “to support its strategy and defense in the context of several criminal and civil cases.” He added that Eni was not aware of any illegal activity by the company.  Marlous den Bieman, corporate communications manager for Heineken, said the brewer had “ceased all collaboration with Equalize and is actively cooperating with authorities in their investigation of the company’s practices.”  Barilla declined to comment.  Italy’s third-largest bank, Banca Mediolanum, said it had paid “€3,000 to Equalize to gather more public information regarding a company that could have been the subject of a potential deal, managed by our investment bank.” The bank added, “Of course we were not aware that Equalize was in general conducting its business also through the adoption of illicit procedures.”  The group’s reach extended beyond Italy. In February 2023, it was hired by Israeli state intelligence agents in a €1 million operation to trace the financial flows from the accounts of wealthy individuals to the Russian mercenary network Wagner. In exchange, the Israelis promised to hand over intelligence on the illicit trafficking of Iranian gas through Italy — a commodity that, they suggested, might be of interest to Equalize’s client, the energy giant Eni.  Equalize rapidly grew into a formidable private investigation operation. Police reports noted that Pazzali recognized data as “a weapon for enormous economic and reputational gains,” adding, “Equalize’s raison d’être is to provide … Pazzali with information and dossiers to be used for the achievement of his political and economic aims.”  During the 2023 election campaign for the presidency of the Lombardy region, Pazzali ordered dossiers on close affiliates of former mayor of Milan, Letizia Moratti, who was challenging his preferred candidate, the far-right Fontana.  Prime Minister Matteo Renzi warned of a deeper political risk associated with the gang. | Vincenzo Nuzzolese/Getty Images A spokesman for Fontana called the allegation “science-fiction” and said “nothing was offered to the president of the region, he did not ask for anything, and he certainly did not pay anything.”   In 2022, Pazzali was in the running to manage Italy’s 2026 Winter Olympics as chief executive. Wiretaps suggested he ordered a dossier on his competitor, football club AC Milan’s Chairman Paolo Scaroni, but found nothing on him.  Business was booming, but Pazzali and Gallo were thinking ahead. They had become reliant on cops willing to leak information, and those officers could be spooked — or caught in the act. That was a vulnerability.  They started to envisage a more sophisticated operation: a platform that collated all the data the group had in its possession and could generate the prized dossiers with the click of a button, erasing the need for bribes and cutting manpower costs — a repository of high-level secrets that, once operational, would give Pazzali, Gallo, and their team unprecedented power in Italy.  Pazzali declined to comment on the investigation. He is due to plead before a judge at a preliminary hearing in October. ‘THE PROFESSOR’ AND THE BOYS   Enter Samuele Calamucci, the coding brain of the operation.  Calamucci is from a small town just outside Milan, and before he began his career in cybersecurity, he was involved in stonemasonry.   Unlike his partners Gallo and Pazzali, Calamucci wasn’t a known face in the city — and he had worked hard to keep it that way. He ran his own private investigation firm, Mercury Advisor, from the same offices as Equalize, handling the company’s IT operations as an outside contractor.  Calamucci knew his way around Italian government IT systems, too. In wiretapped conversations, he claimed to have helped build the digital infrastructure for Italy’s National Cybersecurity Agency and to have worked for the secret services’ Department of Information for Security.  Known within the gang as “the professor,” Calamucci’s role was to recruit and manage a team of 30 to 40 programmers he called the ragazzi — the boys.  With his best recruits he began to build Beyond in 2022, the platform designed to be the digital equivalent of an all-seeing eye.  To populate it, Calamucci and his team purchased data from the dark web, exploited access through government IT maintenance contracts and siphoned intelligence from state databases whenever they could, prosecutors said.  Beyond gave Pazzali, Gallo, and their gang a treasure trove of compromising information on political and business figures in a searchable platform. Wiretaps indicated the plan was to sell access via subscription to select clients, including international law firm Dentons and some of the Big Four consultancies like Deloitte, KPMG, and EY. | Aleksander Kalka/Getty Images In one police-recorded conversation, Calamucci boasted of a hard drive holding 800,000 dossiers. Through his lawyer, Calamucci declined to comment.  “We all thought the requested reports served the good of the country,” said one of the hackers, granted anonymity to speak freely. “Ninety percent of the reports carried out were about energy projects, which required open-source criminal records or membership in mafia syndicates, given that a large portion concerned the South.” Only 5 percent of the jobs they carried out were for individuals to conduct an analysis of enemies or competitors, he added.  The hackers were also “not allowed to know” who was coming into Equalize’s office from the outside. Meetings were held behind closed doors in Gallo’s office or in conference rooms, the hacker told POLITICO, explaining that the analysts were unaware of the company’s dynamics and the people it associated with.  Beyond gave Pazzali, Gallo, and their gang a treasure trove of compromising information on political and business figures in a searchable platform. Wiretaps indicated the plan was to sell access via subscription to select clients, including international law firm Dentons and some of the Big Four consultancies like Deloitte, KPMG, and EY.  Dentons declined to comment. Deloitte and EY did not respond to a request for comment. Audee Van Winkel, senior communication officer for KPMG in Belgium, where one of the alleged gang members worked, said the consultancy did not have any knowledge or records of KPMG in Belgium working with the platform.   ‘INTELLIGENCE MERCENARIES’  In Italy’s sprawling private investigation scene, Equalize was a relative newcomer. But Gallo, Pazzali and their associates had something going for them: They were well-connected.  One alleged member of the organization, Gabriele Pegoraro, had worked as an external cybersecurity expert for intelligence services and had previously made headlines as the IT genius who helped capture a fugitive terrorist.  Pegoraro said he “carried out only lawful operations using publicly available sources” and “was in the dark about how the information was used.”  According to wiretaps, Calamucci and Gallo had worked with several intelligence agents to provide surveillance to protect criminal informants.   On one occasion, Calamucci explained to a subordinate that the relationship with the secret services “was essential” to continue running Equalize undisturbed. “We are mercenaries for [Italian] intelligence,” he was heard saying by police listening in on a meeting with foreign agents at his office.   The services also helped with data searches for the group and created a mask of cover for the gang, prosecutors believe. A hacker proudly claimed that Equalize had even received computers handed down from Italy’s foreign intelligence agency, while law enforcement watched from bugs planted in the ceiling.  THE PROSECUTION  In October 2024, the music stopped.  Prosecutors placed four of the alleged gang members, including Gallo and Calamucci, under house arrest and another 60 people under investigation. They brought forward charges including conspiracy to hack, corruption, illegal accessing of data and the violation of official secrets.  Franco Gabrielli, a former director of Italy’s civil intelligence services, warned that even the toughest of sentences are unlikely to put an end to the practice. | Alessandro Bremec/Getty Images “Just as the Stasi destroyed the lives of so many people using a mixture of fabricated and collected information, so did these guys,” said Leonida Reitano, an Italian open-source investigator who studied the case. “They collected sensitive information, including medical reports, and used it to compromise their targets.”  News of what the gang had done dropped like a bombshell on Italy’s political class. Foreign Minister Antonio Tajani told reporters at the time that the affair was “unacceptable,” while Interior Minister Matteo Piantedosi warned the parliament that the hackers were “altering the rules of democracy.”  The Equalize scandal “is not only the most serious in the history of the Italian Republic but represents a real and actual attack on democracy,” said Angelo Bonelli, MP and member of the opposition Green Europe.  Prime Minister Renzi warned of a deeper political risk associated with the gang. “It is clear that Equalize are very close to the leaders of the right-wing parties, and intended to build a powerful organization, although it is not yet certain how deep an impact they had,” he told POLITICO. Renzi is seeking damages as a civil plaintiff in the eventual criminal trial.  Equalize was liquidated in March, and some of the alleged hackers have since taken on legitimate roles within the cybersecurity sector.  There are many unresolved questions around the case. Investigators and observers are still trying to determine the full extent of Equalize’s ties to Italian intelligence agencies, and whether any clients were aware of or complicit in the methods used to compile sensitive dossiers. Interviews with intelligence officials conducted during the investigation were never transcribed, and testimony given to a parliamentary committee remains classified. Police documents are heavily redacted, leaving the identities of key figures and the full scope of the operation unclear.  While Equalize is unprecedented in its scale, efforts to collect information on political opponents have “become an Italian tradition,” said the political historian Giovanni Orsina. Spying and political chicanery during and after the Cold War has damaged democracy and undermined trust in public institutions, made worse by a lethargic justice system that can take years if not decades to deliver justice.   “It adds to the perception that Italy is a country in which you can never find the truth,” Orsina said.  Franco Gabrielli, a former director of Italy’s civil intelligence services, warned that even the toughest of sentences are unlikely to put an end to the practice. “It just increases the costs, because if I risk more, I charge more,” he said.   “We must reduce the damage, put in place procedures, mechanisms,” he added. “But, unfortunately, all over the world, even where people earn more there are always black sheep, people who are corrupted. It’s human nature.” 

BRUSSELS — First it was telecom snooping. Now Europe is growing worried that Huawei could turn the lights off. The Chinese tech giant is at the heart of a brewing storm over the security of Europe’s energy grids. Lawmakers are writing to the European Commission to urge it to “restrict high-risk vendors” from solar energy systems, in a letter seen by POLITICO. Such restrictions would target Huawei first and foremost, as the dominant Chinese supplier of critical parts of these systems. The fears center around solar panel inverters, a piece of technology that turns solar panels’ electricity into current that flows into the grid. China is a dominant supplier of these inverters, and Huawei is its biggest player. Because the inverters are hooked up to the internet, security experts warn the inverters could be tampered with or shut down through remote access, potentially causing dangerous surges or drops in electricity in Europe’s networks. The warnings come as European governments have woken up to the risks of being reliant on other regions for critical services — from Russian gas to Chinese critical raw materials and American digital services. The bloc is in a stand-off with Beijing over trade in raw materials, and has faced months of pressure from Washington on how Brussels regulates U.S. tech giants. Cybersecurity authorities are close to finalizing work on a new “toolbox” to de-risk tech supply chains, with solar panels among its key target sectors, alongside connected cars and smart cameras. Two members of the European Parliament, Dutch liberal Bart Groothuis and Slovak center-right lawmaker Miriam Lexmann, drafted a letter warning the European Commission of the risks. “We urge you to propose immediate and binding measures to restrict high-risk vendors from our critical infrastructure,” the two wrote. The members had gathered the support of a dozen colleagues by Wednesday and are canvassing for more to join the initiative before sending the letter mid next week.   According to research by trade body SolarPower Europe, Chinese firms control approximately 65 percent of the total installed power in the solar sector. The largest company in the European market is Huawei, a tech giant that is considered a high-risk vendor of telecom equipment. The second-largest firm is Sungrow, which is also Chinese, and controls about half the amount of solar power as Huawei. Huawei’s market power recently allowed it to make its way back into SolarPower Europe, the solar sector’s most prominent lobby association in Brussels, despite an ongoing Belgian bribery investigation focused on the firm’s lobbying activities in Brussels that saw it banned from meeting with European Commission and Parliament officials. Security hawks are now upping the ante. Cybersecurity experts and European manufacturers say the Chinese conglomerate and its peers could hack into Europe’s power grid.  “They can disable safety parameters. They can set it on fire,” Erika Langerová, a cybersecurity researcher at the Czech Technical University in Prague, said in a media briefing hosted by the U.S. Mission to the EU in September.  Even switching solar installation off and on again could disrupt energy supply, Langerová said. “When you do it on one installation, it’s not a problem, but then you do it on thousands of installations it becomes a problem because the … compound effect of these sudden changes in the operation of the device can destabilize the power grid.”  Surges in electricity supply can trigger wider blackouts, as seen in Spain and Portugal in April. | Matias Chiofalo/Europa Press via Getty Images Surges in electricity supply can trigger wider blackouts, as seen in Spain and Portugal in April. Some governments have already taken further measures. Last November, Lithuania imposed a ban on remote access by Chinese firms to renewable energy installations above 100 kilowatts, effectively stopping the use of Chinese inverters. In September, the Czech Republic issued a warning on the threat posed by Chinese remote access via components including solar inverters. And in Germany, security officials already in 2023 told lawmakers that an “energy management component” from Huawei had them on alert, leading to a government probe of the firm’s equipment. CHINESE CONTROL, EU RESPONSE  The arguments leveled against Chinese manufacturers of solar inverters echo those heard from security experts in previous years, in debates on whether or not to block companies like video-sharing app TikTok, airport scanner maker Nuctech and — yes — Huawei’s 5G network equipment. Distrust of Chinese technology has skyrocketed. Under President Xi Jinping, the Beijing government has rolled out regulations forcing Chinese companies to cooperate with security services’ requests to share data and flag vulnerabilities in their software. It has led to Western concerns that it opens the door to surveillance and snooping. One of the most direct threats involves remote management from China of products embedded in European critical infrastructure. Manufacturers have remote access to install updates and maintenance. Europe has also grown heavily reliant on Chinese tech suppliers, particularly when it comes to renewable energy, which is powering an increasing proportion of European energy. Domestic manufacturers of solar panels have enough supply to fill the gap that any EU action to restrict Chinese inverters would create, Langerová said. But Europe does not yet have enough battery or wind manufacturers — two clean energy sector China also dominates. China’s dominance also undercuts Europe’s own tech sector and comes with risks of economic coercion. Until only a few years ago, European firms were competitive, before being undercut by heavily subsidized Chinese products, said Tobias Gehrke, a senior policy fellow at the European Council on Foreign Relations. China on the other hand does not allow foreign firms in its market because of cybersecurity concerns, he said. The European Union previously developed a 5G security toolbox to reduce its dependence on Huawei over these fears. It is also working on a similar initiative, known as the ICT supply chain toolbox, to help national governments scan their wider digital infrastructure for weak points, with a view to blocking or reduce the use of “high-risk suppliers.” According to Groothuis and Lexmann, “binding legislation to restrict risky vendors in our critical infrastructure is urgently required” across the European Union. Until legislation is passed, the EU should put temporary measures in place, they said in their letter.  Huawei did not respond to requests for comment before publication. This article has been updated.

BRUSSELS — Almost 60 members of the European Parliament want to include a gift in the bloc’s next long-term budget: a phone with more storage for Ursula von der Leyen. Right-wing politicians filed an amendment on Thursday to the EU’s budget bill, telling the EU executive to “dedicate sufficient funding to provide the president of the Commission with a mobile phone with adequate storage capacity and appropriate IT support to ensure that messages are preserved without exception.” Von der Leyen got in hot water last month over a deleted 2024 text message she received from French President Emmanuel Macron that POLITICO reported had urged her to block the EU-Mercosur trade deal. The Commission said the message was auto-deleted, defending von der Leyen’s use of disappearing messages as being, in part, “for space reasons.” But tech experts debunked that defense as “a non-argument” and ” hard to believe,” because text messages hardly take any space on modern phones. The Commission president already faced an investigation earlier over text conversations with Pfizer’s Chief Executive Officer Albert Bourla about Covid-19 vaccine contracts which were never archived. Lawmakers are due to vote on the EU’s draft budget for 2026 at a plenary session in Strasbourg next week. The amendment on phone storage came from Germany far-right member Christine Anderson and Swedish hard-right member Charlie Weimers. It had been signed by 57 members of parliament on Thursday, largely from Weimers’ European Conservative and Reformists group, Anderson’s Europe Sovereign Nations and the far-right Patriots for Europe. The amendment urged the EU executive to mind “importance of keeping proper records of all official communications of the Commission.”

Enrico Letta is president of the Jacques Delors Institute and a former prime minister of Italy. Pascal Lamy is vice-president of the Paris Peace Forum and a former European commissioner for Trade. Kolinda Grabar-Kitarović is co-chair of the Global Preparedness Monitoring Board and a former president of Croatia. They are all members of the Governing Board of the new Jacques Delors Friends of Europe Foundation. For too long, the European project has been treated like an à la carte menu. Leaders cherry-pick advantages, blame Brussels for the compromises they’ve accepted, and leave citizens to bear the consequences of watered-down decisions and years-long delays. This habit of the political dodge, of agreeing in public and unraveling at home, has dented public trust, and it must stop. By 2028, Europe must complete the single market — not in slogans but in the concrete areas that shape everyday life, like energy, telecommunications, savings and investments, and the free circulation of knowledge and innovation. A real single market in these fields will deliver tangible benefits for citizens: Harmonized energy markets mean cross-border trade of electricity and gas, stabilized supplies and lower bills when markets work properly. Unified telecoms will reduce roaming and domestic price monopolies, improve service and widen access. Integrated capital markets will give savers better returns, channel funds to growing firms and make loans cheaper for small businesses. And removing barriers to research and data flows will allow students, scientists and entrepreneurs to collaborate and scale up without coming up against national borders. In short: more choice, lower costs, better opportunities and faster innovation. Alongside these priorities, Europe must also adopt what Enrico Letta and others call the “28th regime” — a mechanism that allows individuals and businesses to operate under uniform EU standards when national rules obstruct progress. Voluntary pioneers shouldn’t be hostage to vetoes from lone capitals. Where national foot-dragging denies benefits to citizens elsewhere, European law should offer an alternate path to deliver those benefits. This is about fairness and security. The fragmented status quo leaves households overpaying for energy, students facing unequal digital access and entrepreneurs boxed into tiny domestic markets. It also weakens Europe geopolitically: Fragmented energy systems increase vulnerability to hostile suppliers; disjointed capital markets amplify financial shocks; and splintered telecoms and digital rules hamper our ability to control critical infrastructure and data flows. Deadlines force choices and sharpen political will — without them, the default remains delay. Europe’s leaders thus need to set a clear, nonnegotiable deadline to complete the single market in energy, telecoms, capital and knowledge by 2028. And here are the concrete steps they must take: First, they must institutionalize the fifth freedom — the free circulation of knowledge and innovation — by removing regulatory barriers to research collaboration, data exchange, university partnerships and mobility for knowledge workers. Next, they need to adopt EU-wide rules where national governments block progress. Activating the 28th-regime concept will allow willing member countries and their citizens to benefit, even if one or two vetoers refuse to move. Then, break energy silos by fast-tracking cross-border interconnectors, harmonizing grid and wholesale market rules, and prioritizing joint procurement to prevent costly duplication. Also, unify telecoms by eliminating burdensome national licensing, promoting Pan-European operators, and creating a regulatory environment that rewards competition and coverage. Europe’s leaders thus need to set a clear, nonnegotiable deadline to complete the single market in energy, telecoms, capital and knowledge by 2028. | Thierry Monasse/Getty Images Finally, complete the capital markets union through the Savings and Investments Union, linking finance to the real economy and fostering investments in the common goods that Europe needs, such as innovation and digital, security, and the fight against climate change. Completing the single market must also go hand in hand with security and resilience. If Europe is to spend billions on defense, those investments must translate to more than trophies for national procurement agencies. We need a single market for defense, with interoperable equipment, joint procurement, shared standards and industrial cooperation. Defense purchases need to build common capabilities — not 27 bespoke systems that can’t communicate with each other. Societal resilience matters too. Authoritarian and malign actors weaponize disinformation, exploit social divisions and erode trust in institutions. Fighting disinformation is as much about strengthening communities as it is about policing platforms, and Europe must invest in civic resilience. We must also be clear-eyed about enlargement. Ukraine’s and Moldova’s resilience have shown democratic determination in the face of Russian aggression, and their efforts should inspire concrete progress. Former European Commission President Jacques Delors called enlargement “our duty” — and he was right. Widening the single market to include the Western Balkans, Ukraine and Moldova, while rigorously enforcing rule of law and democratic standards, is not charity. It’s a strategic investment in Europe’s security and prosperity. Europe now faces a stark choice: Inertia on the one hand, meaning fragmented markets, stranded talent, fragile societies and rising illiberalism; or integration on the other — a single market that lowers costs, boosts competitiveness, enhances security and renews citizens’ trust. The 2028 deadline shouldn’t be seen as a slogan. It’s a contract with Europeans who want results, not reassurances. And leaders must treat it as such. Delors said Europe needs a soul. Today, it needs delivery. Let’s strengthen our defenses and societies, meet our duty to our neighbors and finish the job. Let’s do it by 2028.